CompTIA CySA+ Cybersecurity Analyst Certification Exam

Question 1050 of 1103

A security analyst is investigating a group of SIEM alerts about the installation of a potentially unwanted program on multiple devices. Due to the number of alerts, the analyst is concerned that the program may not be safe. Which of the following actions should the analyst take to determine whether an incident is occurring?

Options

  • A. Place the devices on an isolated VLAN with no external access.
  • B. Use packet captures to analyze traffic for communications to command-and-control destinations.
  • C. Run manual virus scans on all devices and quarantine any findings.
  • D. Reimage the devices immediately and instruct the users to avoid installing the program in the future.

Discussions

There are currently no discussions posted for this question.